Senior Product Manager

Job Description

Senior Product Manager – AI-Powered Investigation & Response Content Overview We’re seeking a seasoned Senior Product Manager to lead the strategy and delivery of AI-driven threat investigation and response content within our next-gen AI investigation platform. This role is ideal for someone who has hands-on experience with detection logic (e.g., Sigma, KQL, YAML), but is now focused on building scalable pipelines and frameworks that feed AI-based workflows for automated investigation, prioritization, and response. You’ll be responsible for defining how threat signals, detections, and analyst actions are transformed into dynamic content that powers automated and guided investigations—integrated across cloud platforms and SOC environments. Key Responsibilities Own the Product Strategy for investigation and response content that supports AI-based decision-making and automation. Operationalize Content Pipelines to continuously deliver investigation and response content (e.g., decision trees, playbooks, enrichment steps) across customers via CI/CD. Standardize Content Frameworks to ensure structured, reusable, and extensible logic using formats like YAML, Sigma, and JSON. Collaborate with Detection & ML Teams to align investigation triggers, context enrichment, and response actions with AI models and logic engines. Map Detection to Investigation: Work with engineering and threat teams to define how signals from Snowflake, Google Chronicle, Sentinel (KQL), etc., are consumed and enriched in investigation workflows. Drive Feedback Loops: Define structures that enable AI to learn from analyst feedback, human-in-the-loop responses, and investigation outcomes. Ensure Coverage Across Platforms: Coordinate across cloud environments (AWS, Azure, GCP) as well as across products aligning to the same category - Firewalls, IAM, EDR/XDR etc to ensure that AI-driven content works consistently with telemetry from each source. Measure & Optimize content usage, accuracy, and performance across customer environments. Requirements 7–10 years in Product Management or a hybrid Detection Engineering/Content role, preferably in cloud security or threat detection/response. Experience working with or building detection content in Sigma, YAML, or KQL (Microsoft Sentinel). Familiarity with SIEM / data lakes such as Snowflake, Google Chronicle, ELK,Splunk, MS Sentinel or similar systems. Strong understanding of threat detection signals, cloud telemetry, and how they map to automated investigations and playbook-driven response. Demonstrated experience in operationalizing security content using Git-based workflows, CI/CD pipelines, and versioning best practices. Strong collaboration skills; ability to work cross-functionally with engineers, threat researchers, and AI/ML teams. Nice to Have Experience with AI/ML-based investigation platforms or decision engines for security operations. Familiarity with response frameworks like SOAR, XDR, or custom security automation platforms. Prior experience in building multi-tenant, content-driven platforms or working with MSSPs. Scripting skills (Python, Bash) or previous hands-on work automating security tasks. Security certifications (e.g., GCIA, GCTI, CISSP) or prior SOC/IR background. Show more Show less